Cisco Cisco Web Security Appliance S190 Guía Del Usuario
2-29
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 2 Connect, Install, and Configure
Using the P2 Data Interface for Web Proxy Data
Creating WCCP Services for IP Spoofing
Step 1
If you have enabled IP spoofing on the web proxy, create two WCCP services. Create a standard WCCP
service, or create a dynamic WCCP service that redirects traffic based on destination ports.
service, or create a dynamic WCCP service that redirects traffic based on destination ports.
Step 2
Create a dynamic WCCP service that redirects traffic based on source ports.
Use the same port numbers, router IP address, and router security settings as used for the service created
in
in
Step 1
.
Note
Cisco suggests using a service ID number from 90 to 97 for the WCCP service used for the return
path (based on the source port).
path (based on the source port).
Related Topics
•
.
Increasing Interface Capacity Using VLANs
You can configure one or more VLANs to increase the number of networks the Cisco Web Security
Appliance can connect to beyond the number of physical interfaces included.
Appliance can connect to beyond the number of physical interfaces included.
VLANs appear as dynamic “Data Ports” labeled in the format of: “VLAN DDDD” where the “DDDD”
is the ID and is an integer up to 4 digits long (VLAN 2, or VLAN 4094 for example). AsyncOS supports
up to 30 VLANs.
is the ID and is an integer up to 4 digits long (VLAN 2, or VLAN 4094 for example). AsyncOS supports
up to 30 VLANs.
A physical port does not need an IP address configured in order to be in a VLAN. The physical port on
which a VLAN is created can have an IP that will receive non-VLAN traffic, so you can have both VLAN
and non-VLAN traffic on the same interface.
which a VLAN is created can have an IP that will receive non-VLAN traffic, so you can have both VLAN
and non-VLAN traffic on the same interface.
VLANs can only be created on the Management and P1 data ports.
Configuring and Managing VLANs
You can create, edit and delete VLANs via the
etherconfig
command. Once created, a VLAN can be
configured via the
interfaceconfig
command in the CLI.
Example 1: Creating a New VLAN
In this example, two VLANs are created (named VLAN 31 and VLAN 34) on the P1 port:
Step 1
Do not create VLANs on the T1 or T2 interfaces.Access the CLI.
Step 2
Follow the steps shown.
example.com> etherconfig
Choose the operation you want to perform:
- MEDIA - View and edit ethernet media settings.
- VLAN - View and configure VLANs.
- MTU - View and configure MTU.
[]> vlan
VLAN interfaces: